The Anti Spam Challenge – Minimizing False Positives
by: Paul Judge, CTO, CipherTrust, Inc.
Email is the quintessential business communication tool, so when it doesn’t work like it’s supposed to, business suffers. Anti spam software is designed to protect your inbox from unwanted messages, but unless your system is properly trained even the best software misses the mark and flags legitimate messages as spam. These messages are referred to as “false positives.”

While consumer and ISP anti spam products focus on blocking messages and even consider some false positives acceptable, businesses require anti spam solutions that treat their messages as very valuable. Failing to receive critical messages in a timely fashion can do irreparable damage to customer and partner relationships and cause important orders to be missed, so eliminating false positives while maintaining high anti spam accuracy is paramount to any enterprise anti spam solution.

What causes false positives?
Different anti spam solutions utilize different methods of detecting and blocking spam. Anti spam software typically uses content filtering or Bayesian Logic, an advanced content filtering method, to score each email, looking for certain tell-tale signs of spammer habits such as frequently used terms like “Viagra” or “click here.” Other anti spam solutions reference blacklists and whitelists to determine whether a sender has shown spammer tendencies in the past. A false positive can occur when a legitimate sender raises enough red flags, either by using too many “spam terms” or sending from an IP address that has been used by spammers in the past.

Minimizing False Positives
Although it takes a person only a moment to process a message and identify it as spam, it is difficult to automate that human process because no single message characteristic consistently identifies spam. In fact, there are hundreds of different message characteristics that may indicate an email is spam, and an effective anti spam solution must be capable of employing multiple spam detection techniques to effectively cover all bases.

A comprehensive anti spam approach involves examining both message content and sender history in tandem. By using a reputation system to evaluate senders based on their past behavior, a more accurate picture of their intentions and legitimacy can be discerned, and the solution’s false positive rate can be further lowered. Has the sender engaged in spamming, virus distribution or phishing attacks in the past? If not, the likelihood of their message getting past the email gateway just went up, and the chances of a false positive declined accordingly. If they have, an effective reputation system knows and flags the message.

Self-Optimization
In order to be most effective, anti spam solutions must learn based on the recipient’s preferences. While most of us prefer not to receive emails containing the term Viagra, some medical organizations might need to receive these emails in order to process patient data. In order to best learn your organizational preferences, anti spam solutions should put filtered emails into a quarantine that allows users to review and make decisions as to whether a particular message is spam. Making this quarantine available to the end-user lowers administration costs and increases the accuracy of the anti spam system.

Each time a user makes a decision about whether a particular email is or is not spam, the system becomes more personalized and intelligent about filtering email for that individual in the future. Over time, users find that they rarely need to review their quarantines anymore because the system has learned how to identify messages that are important to that user.
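A minimal sketch of the two ideas above, scoring content and sender history together and learning from quarantine releases. It is an added example, not CipherTrust or IronMail code; the `UserFilter` class, the 0.9 threshold, the 0..1 reputation value and all sample messages are assumptions constructed for illustration.

```python
import math
from collections import Counter

class UserFilter:
    """Per-user token model (naive Bayes, add-one smoothing) with sender reputation as the prior."""

    def __init__(self, threshold=0.9):
        self.spam, self.ham = Counter(), Counter()   # messages containing each token
        self.n_spam = self.n_ham = 0
        self.threshold = threshold                   # assumed quarantine cut-off

    def train(self, text, is_spam):
        tokens = set(text.lower().split())
        if is_spam:
            self.spam.update(tokens)
            self.n_spam += 1
        else:
            self.ham.update(tokens)
            self.n_ham += 1

    def spam_probability(self, text, sender_reputation=0.5):
        # sender_reputation: assumed 0..1 estimate that this sender is abusive,
        # derived from past behavior; 0.5 means "no history".
        prior = min(max(sender_reputation, 0.01), 0.99)
        log_odds = math.log(prior / (1 - prior))
        for tok in set(text.lower().split()):
            p_spam = (self.spam[tok] + 1) / (self.n_spam + 2)
            p_ham = (self.ham[tok] + 1) / (self.n_ham + 2)
            log_odds += math.log(p_spam / p_ham)
        return 1 / (1 + math.exp(-log_odds))

    def classify(self, text, sender_reputation=0.5):
        p = self.spam_probability(text, sender_reputation)
        return "quarantine" if p >= self.threshold else "deliver"

    def release_from_quarantine(self, text):
        self.train(text, is_spam=False)   # user verdict "not spam" becomes training data

def demo():
    f = UserFilter()
    for m in ["cheap viagra click here", "viagra discount click here now", "click here to win prize"]:
        f.train(m, True)                  # constructed spam samples
    for m in ["meeting agenda for monday", "quarterly report attached", "lunch on friday"]:
        f.train(m, False)                 # constructed legitimate samples
    msg = "patient viagra prescription refill click here to confirm"
    before = f.classify(msg)              # unknown sender
    trusted = f.classify(msg, 0.05)       # same text, sender with a clean history
    f.release_from_quarantine(msg)
    f.release_from_quarantine("viagra prescription for patient approved")
    return before, trusted, f.classify(msg), f.classify("cheap viagra click here now")
```

The medical message is a false positive on content alone, passes when the sender has a clean history, and passes for any sender once the user has released similar mail, while the plain spam sample is still quarantined.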

Don’t throw the baby out with the bathwater
In conclusion, it is imperative that false positives be kept to an absolute minimum for business users. Although consumers may have more patience with incorrectly blocked email, businesses cannot afford these types of problems. An effective, accurate anti spam solution aggregates multiple spam detection technologies, combining the benefits of each individual technique to stop spam while minimizing false positives. It also puts suspected spam into a quarantine that is available to end-users, and learns how to better identify spam in the future.


About the author:

Dr. Paul Judge is a noted scholar and entrepreneur. He is Chief Technology Officer at CipherTrust, the industry's largest provider of enterprise email security. The company’s flagship product, IronMail, provides the best of breed enterprise anti spam solution designed to stop spam, phishing attacks and other email-based threats. Learn more by visiting www.ciphertrust.com/products/spam_and_fraud_protection today.

Circulated by Article Emporium